Ch 23 SQUID
Squid is basically internet connection sharing server as well we can monitor the net access and control also.
It does require at least 2 Ethernet card.
Ex: eth0: 122.169.108.70 (ISP )
255.255.255.0
122.169.108.1
59.144.127.16
59.144.127.17
eth1: 192.168.30.1 (Local Network)
255.255.255.0
# packages required
# rpm –qa squid
To add more ip to single eth: # ifconfig eth1:2 192.168.40.2 and ifconfig eth1:3 10.0.0.1
# vi /etc/squid/squid.conf
Remove comment “#” from below lines.
http_port 3128
or
http_port 3128 transparent
(if you wish to add rule for redirecton of all clients ports no 80)
cache_dir ufs /var/spool/squid 100 16 256 (LINE NO 993)
Access_log /var/log/squid/access.log ( Line no 1079)
cache_log /var/log/squid/cache.log ( Line no 1087)
acl our_networs src 192.168.0.0/21 (as per your enviourment)
http_access allow our_networks (line no 2524)
visible_hostname stn2 (not required in new squid version)
(line no 2843)
:wq
# vi /etc/sysctl.conf
net.ipv4.ipforward = 1
(By default its 0)
(to enable swap directory)
# squid –z
After small changes in squid.conf file read the kernel
# squid –k reconfigure
# sysctle –p
# service squid restart